If you are a regular reader of Techglimpse, then you might have read our previous articles about DNS, its types, how it works, and the difference between authoritative and recursive servers. We also showed you how to identify the DNS server IP address configured on your Windows and Linux machines and how to analyze the speed of various DNS servers using the benchmarking tool called namebench. Today, I'll show how to install and configure Bind on your Linux based machines.
This tutorial will show the basic configuration of a DNS server using Bind. Bind is a free package that enables you to set up a DNS server. The basic setup of Bind will eat up 200 MB of your RAM, and be prepared to allocate more when the server goes into production (as you add more zones and the server receives more queries).
Consider the basic setup as below,
One machine for setting up the DNS server - I am going to refer to this machine by its IP address, 10.180.8.115.
Sample domain or zone – Techglimpse.com (10.180.3.74) to test the setup
The authoritative name server for techglimpse.com will be ns1.techglimpse.com
Sample subdomains of techglimpse.com are ftp, www, mail.
Download and Install Bind
On Debian based machines,
apt-get install bind9 dnsutils
On CentOs/Fedora based machines,
yum install bind bind-utils
Note: Bind is the DNS server, while dnsutils (packaged as bind-utils on CentOS/Fedora) contains a few DNS-related commands for testing and troubleshooting, for instance dig.
Create a Zone file for the domain
As I told earlier, our sample domain will be techglimpse.com. So we'll create a zone file for that domain. To do that, let's create a directory to store the zone files.
cd /var/named
mkdir -p zones/master
cd zones/master/
Note: My bind directory is ‘/var/named’, however this might change on your setup. For instance, /etc/named, /etc/bind etc…
Now it's time to create the zone file for techglimpse.com. The zone file will be named "db.techglimpse.com" and will contain DNS records such as A, MX, CNAME etc…
vi /var/named/zones/master/db.techglimpse.com
Paste the below code,
;
; BIND data file for techglimpse.com
;
$TTL 3h
@       IN      SOA     ns1.techglimpse.com. admin.techglimpse.com. (
                        1       ; Serial
                        3h      ; Refresh after 3 hours
                        1h      ; Retry after 1 hour
                        1w      ; Expire after 1 week
                        1h )    ; Negative caching TTL of 1 hour
;
@                       IN      NS      ns1.techglimpse.com.
techglimpse.com.        IN      MX      10 mail.techglimpse.com.
techglimpse.com.        IN      A       10.180.3.74
ns1                     IN      A       10.180.3.74
www                     IN      CNAME   techglimpse.com.
mail                    IN      A       10.180.3.74
ftp                     IN      CNAME   techglimpse.com.
Note: To set up zones, you should create a similar zone file for every domain you want to resolve through your DNS server. Make necessary changes to the sample zone file above.
A quick look at the zone file:
* SOA Record – It names the authoritative nameserver of techglimpse.com as ns1.techglimpse.com, and admin.techglimpse.com encodes the email address of the DNS administrator (the first dot stands for "@", so it reads as admin@techglimpse.com).
* NS Records: techglimpse.com has one nameserver, ns1.techglimpse.com. Normally, domains will have at least two nameservers for high availability. For demonstration, I have named only one name server.
* MX (Mail Exchange): the mail exchange record for techglimpse.com, pointing to mail.techglimpse.com.
* CNAME Record: canonical name; www and ftp are aliases of techglimpse.com.
Ok! Whatever we did now is for name to address mapping. Now let's create the address to name mapping.
Setup address to name mapping:
We have configured the DNS server to resolve the domain name to an IP address when the domain is queried. Now, we should tell the server to do a reverse lookup as well, that is, from IP address to domain name.
vi /var/named/zones/master/db.10.180.3
Paste the below code,
;
; BIND reverse data file for 3.180.10.in-addr.arpa
;
$TTL 604800
3.180.10.in-addr.arpa.  IN      SOA     ns1.techglimpse.com. admin.techglimpse.com. (
                        1       ; Serial
                        3h      ; Refresh after 3 hours
                        1h      ; Retry after 1 hour
                        1w      ; Expire after 1 week
                        1h )    ; Negative caching TTL of 1 hour
;
3.180.10.in-addr.arpa.      IN      NS      ns1.techglimpse.com.
74.3.180.10.in-addr.arpa.   IN      PTR     techglimpse.com.
Here, 74.3.180.10 is the reverse of 10.180.3.74 (the octets are written in reverse order under the in-addr.arpa domain). Note the file name as well.
* PTR record: maps an IP address to a domain name.
Configure named.conf to read the zone files
We should configure named.conf to refer to the newly created zone files:
/var/named/zones/master/db.techglimpse.com
/var/named/zones/master/db.10.180.3
In my machine, the named.conf is located under /etc/. However this might change on your machine; for example: /etc/named/named.conf, /etc/bind/named.conf.
vi /etc/named.conf
Copy and paste the text below
zone "techglimpse.com" {
    type master;
    file "/var/named/zones/master/db.techglimpse.com";
};
zone "3.180.10.in-addr.arpa" {
    type master;
    file "/var/named/zones/master/db.10.180.3";
};
Note: Make necessary changes to reflect the actual domain and its zone file locations.
Verify the correctness of the configuration file using the below command.
named-checkconf
Check the zone files for any errors using the below command
named-checkzone
For example
named-checkzone techglimpse.com /var/named/zones/master/db.techglimpse.com
zone techglimpse.com/IN: loaded serial 1
OK
named-checkzone 3.180.10.in-addr.arpa /var/named/zones/master/db.10.180.3
zone 3.180.10.in-addr.arpa/IN: loaded serial 1
OK
If the above command responds with status OK, then you are good to proceed with the below steps, else re-check the configuration files for any errors.
Start the Bind server
/etc/init.d/bind9 start
or
/etc/init.d/named start
If there are any errors, you should see those while starting the named or bind9 daemons.
Test the setup
If you remember, I suggested installing dnsutils, which provides a command called 'dig'.
dig @10.180.8.115 techglimpse.com
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @10.180.8.115 techglimpse.com
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 45562
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;techglimpse.com. IN A
;; ANSWER SECTION:
techglimpse.com. 10800 IN A 10.180.3.74
;; AUTHORITY SECTION:
techglimpse.com. 10800 IN NS ns1.techglimpse.com.
;; ADDITIONAL SECTION:
ns1.techglimpse.com. 10800 IN A 10.180.3.74
;; Query time: 2 msec
;; SERVER: 10.180.8.115#53(10.180.8.115)
;; WHEN: Tue Oct 15 12:42:50 2013
;; MSG SIZE rcvd: 83
Test IP to host resolution,
dig @10.180.8.115 -x 10.180.3.74
; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.17.rc1.el6_4.6 <<>> @10.180.8.115 -x 10.180.3.74
; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 47357
;; flags: qr aa rd; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1
;; WARNING: recursion requested but not available
;; QUESTION SECTION:
;74.3.180.10.in-addr.arpa. IN PTR
;; ANSWER SECTION:
74.3.180.10.in-addr.arpa. 604800 IN PTR techglimpse.com.
;; AUTHORITY SECTION:
3.180.10.in-addr.arpa. 604800 IN NS ns1.techglimpse.com.
;; ADDITIONAL SECTION:
ns1.techglimpse.com. 10800 IN A 10.180.3.74
;; Query time: 2 msec
;; SERVER: 10.180.8.115#53(10.180.8.115)
;; WHEN: Tue Oct 15 12:44:30 2013
;; MSG SIZE rcvd: 105
Note: The first argument tells dig to query the DNS server we just installed (10.180.8.115), and the second argument is the domain name or IP address in question. The "aa" flag in both answers confirms the server replied authoritatively from our zone files, and the "recursion requested but not available" warning simply means this server does not recurse on behalf of clients, which is the expected behaviour for an authoritative-only setup.
That's it. You have configured Bind successfully.